Пример #1
0
func Remember(r *http.Request, w http.ResponseWriter, id uint64) error {
	if id == 0 {
		return nil
	}
	session, err := sessionStore.New(r, "remember")
	if err != nil {
		return err
	}
	se, rerr := RedisClient.Get(fmt.Sprintf("user:%d:password", id))
	if rerr != nil {
		return rerr
	}
	ph := passwordhash.NewSaltIter(se.String(), rememberKey, passwordhash.DefaultIterations)
	values := make([]interface{}, 2)
	values[0] = id
	values[1] = string(ph.Hash)
	encoded, err := securecookie.EncodeMulti(session.Name(), values, sessionStore.Codecs...)
	if err != nil {
		return err
	}
	cookie := &http.Cookie{
		Name:     session.Name(),
		Value:    encoded,
		Path:     rememberOpts.Path,
		Domain:   rememberOpts.Domain,
		MaxAge:   rememberOpts.MaxAge,
		Secure:   rememberOpts.Secure,
		HttpOnly: rememberOpts.HttpOnly,
	}
	http.SetCookie(w, cookie)
	context.DefaultContext.Clear(r)
	return nil
}
Пример #2
0
func Regen(r *http.Request) (uint64, error) {
	name := "remember"
	c, err := r.Cookie(name)
	if err != nil {
		if err == http.ErrNoCookie {
			return 0, nil
		}
		fmt.Println("cookie err", err)
		return 0, err
	}
	vals := make([]interface{}, 2)
	err = securecookie.DecodeMulti(name, c.Value, &vals, sessionStore.Codecs...)
	if err != nil {
		return 0, err
	}
	id := vals[0].(uint64)
	se, rerr := RedisClient.Get(fmt.Sprintf("user:%d:password", id))
	if rerr != nil {
		return 0, rerr
	}
	ph := passwordhash.NewSaltIter(se.String(), rememberKey, passwordhash.DefaultIterations)
	if string(ph.Hash) == vals[1].(string) {
		return id, nil
	}
	return 0, nil
}